26 #define foreach_ipsec_if_input_error \ 27 _(RX, "good packets received") \ 28 _(DISABLED, "ipsec packets received on disabled interface") 31 #define _(sym,string) string, 38 #define _(sym,str) IPSEC_IF_INPUT_ERROR_##sym, 70 u32 *from, *to_next = 0, next_index;
71 u32 n_left_from, last_sw_if_index = ~0;
73 u64 n_bytes = 0, n_packets = 0;
88 while (n_left_from > 0)
94 while (n_left_from > 0 && n_left_to_next > 0)
96 u32 bi0, next0, sw_if_index0;
103 bi0 = to_next[0] = from[0];
112 next0 = IPSEC_INPUT_NEXT_DROP;
115 (
u64) clib_net_to_host_u32 (esp0->
spi);
139 (drop_counter, thread_index, sw_if_index0, 1, len0);
140 b0->
error = node->
errors[IPSEC_IF_INPUT_ERROR_DISABLED];
166 (rx_counter, thread_index, sw_if_index0,
170 last_sw_if_index = sw_if_index0;
190 tr->
spi = clib_host_to_net_u32 (esp0->
spi);
191 tr->
seq = clib_host_to_net_u32 (esp0->
seq);
195 n_left_to_next, bi0, next0);
210 last_sw_if_index, n_packets, n_bytes);
214 IPSEC_IF_INPUT_ERROR_RX,
218 IPSEC_IF_INPUT_ERROR_DISABLED, n_disabled);
226 .name =
"ipsec-if-input",
227 .vector_size =
sizeof (
u32),
234 .sibling_of =
"ipsec-input-ip4",
static vlib_cli_command_t trace
(constructor) VLIB_CLI_COMMAND (trace)
ipsec_tunnel_if_t * tunnel_interfaces
static void vlib_increment_combined_counter(vlib_combined_counter_main_t *cm, u32 thread_index, u32 index, u64 n_packets, u64 n_bytes)
Increment a combined counter.
ipsec_proto_main_integ_alg_t * ipsec_proto_main_integ_algs
vnet_interface_main_t interface_main
#define foreach_ipsec_if_input_error
static int ip4_header_bytes(ip4_header_t *i)
u8 * format_ipsec_if_input_trace(u8 *s, va_list *args)
ipsec_integ_alg_t integ_alg
static vnet_hw_interface_t * vnet_get_hw_interface(vnet_main_t *vnm, u32 hw_if_index)
#define VNET_HW_INTERFACE_FLAG_LINK_UP
vlib_error_t * errors
Vector of errors for this node.
static uword ipsec_if_input_node_fn(vlib_main_t *vm, vlib_node_runtime_t *node, vlib_frame_t *from_frame)
static uword vlib_buffer_length_in_chain(vlib_main_t *vm, vlib_buffer_t *b)
Get length in bytes of the buffer chain.
uword * ipsec_if_pool_index_by_key
vlib_combined_counter_main_t * combined_sw_if_counters
vlib_node_registration_t ipsec_if_input_node
(constructor) VLIB_REGISTER_NODE (ipsec_if_input_node)
#define VLIB_NODE_FUNCTION_MULTIARCH(node, fn)
#define pool_elt_at_index(p, i)
Returns pointer to element at given index.
static void * vlib_buffer_get_current(vlib_buffer_t *b)
Get pointer to current data to process.
#define vlib_validate_buffer_enqueue_x1(vm, node, next_index, to_next, n_left_to_next, bi0, next0)
Finish enqueueing one buffer forward in the graph.
#define vlib_get_next_frame(vm, node, next_index, vectors, n_vectors_left)
Get pointer to next frame vector data by (vlib_node_runtime_t, next_index).
vlib_error_t error
Error code for buffers to be enqueued to error handler.
static void vlib_node_increment_counter(vlib_main_t *vm, u32 node_index, u32 counter_index, u64 increment)
#define VLIB_REGISTER_NODE(x,...)
u32 esp_decrypt_next_index
void vlib_put_next_frame(vlib_main_t *vm, vlib_node_runtime_t *r, u32 next_index, u32 n_vectors_left)
Release pointer to next frame vector data.
static char * ipsec_if_input_error_strings[]
u16 cached_next_index
Next frame index that vector arguments were last enqueued to last time this node ran.
static void vlib_buffer_advance(vlib_buffer_t *b, word l)
Advance current data pointer by the supplied (signed!) amount.
static void * vlib_add_trace(vlib_main_t *vm, vlib_node_runtime_t *r, vlib_buffer_t *b, u32 n_data_bytes)
static void * vlib_frame_vector_args(vlib_frame_t *f)
Get pointer to frame vector data.
A collection of combined counters.
ipsec_proto_main_t ipsec_proto_main
u32 flags
buffer flags: VLIB_BUFFER_FREE_LIST_INDEX_MASK: bits used to store free list index, VLIB_BUFFER_IS_TRACED: trace this buffer.
static vlib_buffer_t * vlib_get_buffer(vlib_main_t *vm, u32 buffer_index)
Translate buffer index into buffer pointer.
#define IPSEC_FLAG_IPSEC_GRE_TUNNEL